Update :
The latest tweet from the hacker shows he compromised the database containing username and password details belong to these websites "The database of #MileyCyrus, #SelenaGomez......etc with 2,5 million users and pass is for sell, anyone interested email me at my mail"

Exclusive Information:
The hacker told E Hacking News that he found multiple vulnerabilities in the Groundctrl website and gained access to the database server.

He also gained access to the CMS panel which manages the celebrities' websites.

GroundCtrl CMS Panel

Original Article:

A hacker going by online handle "Ethical Spectrum" has hacked into websites belong to several celebrities and defaced the sites.

We are able to confirm that these are official websites of the celebrities, as it is being linked from their twitter account.

According to hackers twitter account(@Eth_Spectrum), he hacked into the above mentioned websites on March 8th. The website was restored after the breach. However, hacker mentioned he once again managed to deface them. ]

The defacement just reads "Why i hacked this site, you can ask this person greg.patterson@groundctrl.com".

Greg Patterson is the co-founder of the Groundctrl, an organization that build websites for artists. It appears the security breach started from Groundctrl.

Other affected sites:

Pat Green(patgreen.com),

Rob Thomas(robthomasmusic.com),

Rock Mafia(rockmafia.com ),

ritawilson.com ,

sum41.com

nickcarter.net

jordanknight.com

If you are not able to see the defacement, you can find the mirror here:
http://www.zone-h.org/archive/notifier=Ethical%20Spectrum

All of the affected websites are currently showing the maintenance error message except groundctrl official website.

Hacker didn't provide much information about the breach, so we are not sure how exactly he hacked into all of these websites, whether he found a zero-day exploit on the cms developed by groundctrl or all of the affected sites managed in a central place.

#Exclusive: Jordana Brewster, a Brazilian-American actress, best known for his role in Fast & Furious Movies, admitted that her twitter account was hijacked by cybercriminals.

According to followers report, the cyber criminals who hijacked the account has posted a spam tweet from her account. The incident was first reported by Eduard Kovacs at Softpedia.

"please ignore tweets ( except for this one) my account seems to have been hacked" recent tweet from @JordanaBrewster reads. "all good now".

Jordana Brewster twitter account hacked - Image : E Hacking News

I found she is not the only celebrity who fell victim to the twitter account hijack in this month.

Zach Roerig, an American actor who is best known for roles of Casey Hughes on As the World Turns, admitted that his twitter account was hacked.

"Burn 2 + inches off your waist losing up to 20 lbs of body fat in 28 days with hxxx://tinyurl. com/klwcpwq" The spam tweet reads.

The recent tweet from @zach_roerig "Once again being hacked sucks" apparently shows that this is not the first time his account being hijacked by cyber criminals.

Zach Roerig twitter account hacked - Image : E Hacking News

The story does not end here, the official twitter account of Pentagram, a design studio that was founded in 1972 , is also got hacked. Hackers posted the same spam tweet used in the Zach Roerig twitter hack.

"Dear Twitter followers, if you receive a direct message from us, please don't click on the link. We caught something that's going around." The recent tweet from pentagram reads.

Pentagram official twitter account hacked - Image : E Hacking News

*Update*:
I just found the following twitter accounts also fell victim to the spam attack: Hart Hanson (@HartHanson), @NewsBreaker, Jane Ellison MP(@janeellisonmp).

*Update 2:
Twitter account of Justin Bethel (@Jbet26), an American football cornerback for the Arizona Cardinals of the National Football League, also got hacked and spreading spam tweets.

The Turkish hacker known by his handle "Eboz" who breached Pakistani NIC and left the top websites defaced has hacked into the Skrillex's website and defaced it with the same page used in the previous attacks.

Just few minutes before, the skrillex.com website which is belong to the Sonny John Moore,an American electronic musician and singer-songwriter(stage name: Skrillex).

The hacker left a message as follows.(translated)"Always there for me in my homeboys friend
Have not shot me with every breath. Hello friends who still live in're not dead!"

And there was a hidden text saying this :""Nothing to do with the site facebook twitter accounts yoktur.Hepsi no fake forum account. "

Which seems to say that he is still he still alive, has no FB or Twitter account and that the people claiming to be him are fake.

Skrillex kept his cool laughed it off and did not seem that disturbed by the attack.

Canadian Ice Hockey Player Tyler Seguin has temporarily closed his twitter
account after repeatedly hackers hijacked his twitter account to post offensive messages.

The account was reportedly hacked twice within a few days and has been misused to post anti-gay messages.

" We’ve addressed the issue directly with Tyler and we’ll continue to work on educating our players regarding the importance of their conduct on all forms of social media." Official statement from the Dallas Stars organization reads.

The last tweet posted by Seguin is about shutting down his twitter account "After repeated attempts by 'hackers' to try to damage my reputation I have decided to shut down my twitter account for a while."

American singer and actress Cher fell victim to the twitter account hacks. Cybercriminals hijacked her account and posted a message about a diet brand.

She come to know about the security breach after her followers told her account was hijacked.

"You guys I’m really upset about this hacking thing ! What diet are you all talking about ?!" In one of the tweets , she said.

She is not the only celebrity whose account compromised by the cybercriminals. There are a number of celebrities fell victim to the twitter account hijack. The list includes Alec Baldwin, Australian model Miranda Kerr and Donald Trump.

The AOL mail account of Jeffery Tambor and his wife Kasia was hacked by a "celebrity hacker" called Guccifer. The hacker is also the reason behind many recent leaks on Dorothy Bush Koch , Colin Powell , Lisa Murkowski ,Jim Nantz , Patricia Legere , Bill Clinton and Sidney Blumenthal.

He leaked lots of data from the hacked accounts including private pictures and correspondences. He used Jeffrey Tambor's email account to distribute material previously stolen from the mail accounts of other victims, including former Bill Clinton aide Sidney Blumenthal and Joseph Verner Reed, a top United Nations under-secretary-general.And like his previous hacks he leaked private pictures of Mr.Jeffery Tambor.

He also used the AOL account of Kasia Tambor’s to send mails to reporters containing a memos of that Blumenthal sent to Hillary Clinton about the political situation in Libya.

Based on past attacks the IP address of the hacker is said to be from Russia but it is most probably a proxy, a hacker who is smart enough to pull of such hacks will not be leaving traces.

Emma Stone , an American actress has revealed that hackers have hijacked her twitter account and posted a series of tweets.

Fans of Emma were worried when a tweet was made from her account, an anagram for "Andrew and Shailene sitting in a tree", which appeared to claim her boyfriend Andrew Garfield was cheating on her with their Amazing Spider-Man 2 co-star Shailene Woodley - according to the CASTANET report.

"I have never tweeted, my friend. I've tweeted one time to Seth MacFarlane. I said, 'Me too, oh boy' In an interview for On Air With Ryan Seacrest, she explained.

She is not able to access her account because the hackers changed her email id and password, but since the incident, she and her team are trying to delete her twitter account.

Emma also revealed it was only when the tweet about Shailene and Andrew made headlines that she found out she had been hacked.

"That was the first one I heard. And then I heard there was a rich history of other things I've tweeted and deleted, and I didn't know about any of this happening because I don't go on Twitter." Emma said.

When this site went viral online and gained lots of media attention the FBI got involved and is now investigating.

Data seems to be from credit reporting agency's TransUnion, Experian and Equifax. All of them admitted they were compromised.

TransUnion, Equifax and Experian have a common website called annualcreditreport.com, where customers can get a free copy of their credit report by entering personal information – such as address, social security number and date of birth –, and by answering a few multiple-choice questions.

“What it appears happened is that personal identifiable information was evidently accessed or somehow obtained by the fraudsters who therefore were able to go into annualcreditreport.com and get some pieces of information on some individuals,” Equifax representatives told Ars Technica.

Here is an exclusive analysis of the site:

The website is running behind Cloudflare (CDN). Using Cloudflare has a lot of advantages .

It hides the actual IP address of the site thus it will slow down attempts to trace and take down the original server.

Keeps the site content on cache even if it is taken down by DDOS etc.

Even a small server will be able to handle lots of traffic.

Note: Cloudflare was also used by the infamous "Lulzsec" before they were shutdown

The hacker seems to be a fan of the TV series "Dexter" which is about "A likeable Miami police forensics expert who moonlights as a serial killer of criminals who he believes have escaped justice" .

First the Quote on the main page "If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve"

It is from the same TV show (Episode 12: "The British Invasion")

Second the background music embedded in the site links to : (Music from the TV show) https://www.youtube.com/watch?v=e2xxizpHuoo

The website also does not contain any images hosted within itself . All the images are taken from other sites that have already hosted them.

The use of .su domain seems be an diversion to try to shift the attention to Russian hackers.

The twitter account of a famous south korean singer Eun Hyuk (@AllRiseSilver) has been hacked and is now the latest addition to the long list of famous celebrities that were hacked this year.

Tweet: "So my account had been hacked into. No wonder that other time a tweet I had never written came up and was erased again... Now I′m following ′Heenim′ (Heechul), who isn′t even on Twitter anymore? Who′s impersonating him this time? Yeah, great."

After recovering his account he tweeted (Translated) : You've got my account hacked. Somehow came up the last time I AIME Mentions were erased ... with huinim post say matpal? Spivey, who impersonate? It vs. or http:// twitpic.com/cail69

Unlike other twitter hacks this does not seem like an attempt to exploit the users by attempting to infect them or stealing traffic.It looks like it was just done "for fun" .

The most interesting thing is the followers reaction to this .

As you can see these sort of hacks lead to a negative attitude towards hackers.

Yet famous people on twitter should note that they are also equally responsible for these sort of hacks. They have the moral responsibility to keep their accounts secure as possible, cause when they get hacked they are also putting at risk all the innocent users that are following them.

Justin Bieber's Twitter account was hacked and the following tweet was send to his 19 million followers: " 19 million my ass. #biebermyballs". The hacker also started unfollowing and blocking Bieber’s followers, according to Zdnet report.

Fortuantely, the tweet was deleted. Either the hacker in question deleted it right after posting it, or (more likely) someone else was active on the account at the time, saw it, and deleted it.

"Bieber’s team reportedly worked quickly to follow everyone back once they regained complete control of the account. Bieber’s account may be verified, but if someone gains access to a verified Twitter account, it doesn’t become unverified."The report says.

The hashtag "biebermyballs" sounds familiar, it should, same words were tweeted repeatedly from Carly Rae Jepsen's Twitter account after it was hacked several weeks ago. It is not clear if Bieber's account was hacked same person. The hacker responsible for Jepsen's hack was not identified yet .